Riccardo Mori is a security researcher working at Quarkslab in the automated
analysis team, his main research topics include binary diffing and binary exporters.
He is an active developer of both internal and open-source tools developed in the
When analyzing a system, reverse engineering a program at binary-level is often needed to understand its behavior. A common use-case is malware analysis or security assessement in order to uncover vulnerabilities. Reverse-engineering usually requires working on the disassembled program to perform manual or automated analysis. Furthermore, we are usually led to analyze a whole bunch of programs and to compare them with binary diffing. The later is essential for comparing variants of a same program or malware. It is also useful to inspect updates published by vendors for the sake of understanding a patch. This workshop introduces a variety of python programs and libraries that we developed to automate the analysis of disassembled programs, to automate the diffing and to automate the analysis of the differences!